CNNVD-202507-697 Information

CNNVD ID

CNNVD-202507-697

Related CVE

CVE-2025-6797

• CNNVD Published: 2025-07-07

Description (Chinese)

Marvell QConvergeConsole是美国Marvell公司的一款跨数据中心的统一适配器管理软件。 Marvell QConvergeConsole存在路径遍历漏洞，该漏洞源于getFileUploadBytes方法未正确验证用户提供路径，可能导致信息泄露。

Description (English)

Marvell QConvergeConsole is a United States-based multi-data centre integrated adapter management software. Marvell QConvergeConsole has a loophole in its path, which stems from the fact that the GetFileUploadBytes method does not correctly verify the user’s supply of the path, which may lead to the leaking of information.

Hazard Level

Medium

Vulnerability Type

路径遍历

Affected Vendor

Marwal Infotech

Published

2025-07-07

Last Modified

2026-02-24

References

https://www.zerodayinitiative.com/advisories/ZDI-25-456/